21 matches found
CVE-2023-39965
CVE-2023-39965 affects the 1Panel backend (version 1.4.3) where authenticated users can download arbitrary files through the API interface, causing information leakage. The root cause is unauthorized file access via the API (not requiring high privileges). The issue is addressed in version 1.5.0,...
CVE-2023-36458
1Panel is an open source Linux server operation and maintenance panel. Affected versions are
CVE-2023-36457
1Panel (open-source Linux server operation/maintenance panel) prior to v1.3.6 is affected by a command injection vulnerability when adding container repositories. An authenticated attacker can craft a malicious payload (as demonstrated by the reported payloads in advisories) to trigger code execu...
CVE-2023-39964
Summary: CVE-2023-39964 affects 1Panel O&M panel. In version 1.4.3, the function LoadFromFile in api/v1/file.go reads a server file directly from the unfiltered path parameter, enabling arbitrary file reads of important configuration files. The issue is a background file read vulnerability exploi...
CVE-2023-39966
1Panel CVE-2023-39966 affects v1.4.3; the api/v1/file.go SaveContentthat function accepts user POST JSON without proper parameter filtering, enabling arbitrary file writes and potential full server control. 1.5.0 patches this issue. Related advisories cite an arbitrary file write vulnerability wi...
CVE-2024-24768
What is affected : 1Panel, a Linux server operation and maintenance management panel. Vulnerability : The HTTPS session cookie used by 1Panel does not have the Secure attribute, which may allow the cookie to be exposed over non-HTTPS connections. Root cause / details in sources : Cookie missing S...
CVE-2024-2352
1Panel up to 1.10.1-lts is affected by CVE-2024-2352 via command injection in the function baseApi.UpdateDeviceSwap (file /api/v1/toolbox/device/update/swap). The issue arises from untrusted input in the Path argument (example: 123123123\nopen -a Calculator), which can be exploited remotely. Publ...
CVE-2024-27288
1Panel open source Linux server panel vulnerable before version 1.10.1-lts . If a user intercepts a request with Burp to the secure entry point, they can obtain unauthorized access to the console page (no data returned or modifications in some reports). The issue is fixed in v1.10.1-lts; affected...
CVE-2024-34352
CVE-2024-34352 affects the 1Panel project (open source Linux server O&M panel). Prior to v1.10.3-lts, command injection vulnerabilities allow arbitrary file writes and can lead to remote code execution. The root cause involves inadequate input filtering and an exploit path using the mirror config...
CVE-2023-37477
1Panel exposes an OS command injection in its firewall IP endpoint (/hosts/firewall/ip). The vulnerability allows an authenticated attacker to craft input that leads to arbitrary command execution, potentially full system compromise. The issue stems from lack of input validation in the firewall f...
CVE-2024-39907
1Panel is affected by an authenticated SQL injection vulnerability in its web-based Linux server management panel. The connected Nuclei template and related advisories describe multiple SQL injections that are not properly filtered, enabling arbitrary file writes and remote code execution (RCE). ...
CVE-2024-30257
CVE-2024-30257 affects 1Panel, an open-source Linux server operations and maintenance panel. The vulnerability arises from password verification using a != comparison instead of the secure hmac.Equal , creating a timing side-channel that could facilitate password guessing. Multiple sources corrob...
CVE-2025-54424
1Panel (Go to Mode C): The CVE-2025-54424 vulnerability affects 1Panel versions 2.0.5 and earlier, where TLS certificate verification between Core and Agent endpoints is incomplete, allowing an attacker to bypass client cert validation and access high-privilege interfaces. This leads to remote co...
CVE-2024-39911
CVE-2024-39911 affects 1Panel, a web-based Linux server management control panel. The issue is an unspecified SQL injection via User-Agent handling that can impact confidentiality, integrity, and availability. Red Hat and other sources corroborate the same description and note the fix in version ...
CVE-2025-56413
CVE-2025-56413 affects 1panel v2.0.8, where the OS command injection occurs in the OperateSSH function. An attacker can trigger arbitrary commands via the operation parameter of the /api/v2/hosts/ssh/operate endpoint. This aligns with the reported CVSS: NETWORK vector, HIGH impact (C, I, A). Publ...
CVE-2025-66507
CVE-2025-66507 (1Panel) : 1Panel is affected; versions 2.0.13 and earlier expose a CAPTCHA bypass via a client-controlled parameter that the server trusted without validation. This allows an unauthenticated attacker to bypass CAPTCHA verification, enabling automated login attempts and increasing ...
CVE-2026-23525
CVE-2026-23525 affects 1Panel, a web-based Linux server management panel. The stored XSS vulnerability originates from insufficient sanitization in the MdEditor component (previewOnly) used to render App Store and related content, allowing malicious scripts to run in the user’s browser and potent...
CVE-2025-34410
1Panel versions 1.10.33–2.0.15 have a CSRF in Change Username under /settings/panel. The endpoint lacks anti-CSRF tokens and Origin/Referer checks, enabling an attacker to submit a username-change request via a malicious page while the victim is authenticated. The victim’s username can be changed...
CVE-2025-34429
1Panel CSRF in web port configuration affects versions 1.10.33–2.0.15. The port-change endpoint lacks anti-CSRF defenses (no anti-CSRF tokens; no Origin/Referer checks). An attacker can lure an authenticated user to submit a crafted request, causing the web service to listen on a new port and pot...
CVE-2025-66508
1Panel (GitHub/Governance: 1Panel) contains a vulnerability where Gin’s default proxy trust config (TrustedProxies = 0.0.0.0/0) causes X-Forwarded-For headers to be trusted, letting attackers bypass IP-based access controls (AllowIPs, API whitelists, localhost checks) by sending X-Forwarded-For: ...
CVE-2025-34430
CVE-2025-34430 concerns a CSRF in 1Panel (versions 1.10.33 through 2.0.15) affecting the panel name management functionality. The affected endpoint reportedly lacks CSRF defenses such as anti-CSRF tokens and Origin/Referer validation. An attacker can lure an authenticated user to a malicious page...